Finance Industry

SpeedFusion for Compliance

Improve Reliability and Security with Peplink SDWAN

The Challenge

Security is one of the leading industry challenges right now due to the high profile breaches over the past few years. Financial institutions are required to invest in the latest technology to ensure they have the highest security possible. Achieving compliance to regulatory mandates is required and not always easy. Secure site-to-site connectivity is essential when handling personal information.

Example Solutions

Balance 710

MAX BR1 Mini

SD Switch

AP One Enterprise

Balance SDX

SD Switch

AP One Enterprise

The Solution

Multiple WANs helps outbound security and reliability by distributing outgoing communications over all circuits. Further, you can use DNS services like WebTitan with Peplink’s built in DNS proxy to prevent users from defining their own DNS provider and bypassing DNS based security. Peplink routers also have subscription free content blocking. When you combine that with a good default deny policy on the firewall, we can reduce unwanted outgoing traffic. Additionally, using multiple WANs makes it more difficult for an attacker to listen to your traffic as standard load balanced sessions are split among all available WANs reducing your attack surface. Adding bonding to your solution makes it even better.

Bonding increases reliability and security while reducing costs by encrypting all WANs, splitting traffic over those WANs, and centralizing your security architecture. If you previously thought a VPN was secure, imagine a VPN that splits the data over several WANs. Basically, only a small piece of each 256bit AES encrypted packet flows through each WAN, further obfuscating your already encrypted data. For added security, when setting up remote sites, with Peplink SpeedFusion VPN, we set “deny all in/deny all out” as their default firewall rule. You might ask, “What about next gen firewall?” We can setup any firewall at your central site to be the default route for all internet based traffic. Now you have a single, easy to monitor point of entry and exit. By centralizing your firewall, either at a corporate headquarters or in the cloud, you can easily manage total security in your organization.

Security and Reliability are accomplished by:

  • -Using Peplink routers with multiple WANs which will protect your business from WAN failures and add multiple outbound and inbound paths.
  • -Adding bonding which allows VPN traffic to be encrypted with 256bit AES and adds packet distribution over all available WANs.
  • -Bonding for session persistence over all WANs for unbreakable communications.
  • -When combined with centralized security, bonding, allows remote sites to enforce a deny all in and out to minimize attack surface.
  • -Bonding with centralized security provides a single point of entry and exit which is easier to monitor and secure with a single appliance